Embodiments of the present invention relate to generating a session key, as may be used, for example, for secure mutual authentication between two communication partners and subsequent data transfer.
Secure mutual authentication between two communication partners, for example two user terminals in the form of a reader and a contact-free data card, may be performed in a symmetrical cryptographic method using a so-called challenge-response method, for example a two-way or three-way challenge-response method. A challenge-response method authenticates a communication partner on the basis of knowledge: one communication partner poses a challenge, which the other one has to solve (the response) so as to prove knowledge of certain information. Methods of this kind are generally susceptible to side-channel attacks such as DPA (differential power analysis), EMA (electro-magnetic analysis), etc. This means that an attacker is, in principle, able to reconstruct a secret key of one of the two terminals, and thus to clone this terminal, with relatively little effort, for example by recording current profiles (EM radiation profiles) in repeated authentication trials between the communication partners.
Hardware measures for protecting the encryption on which authentication is based, for example block encryption, are relatively expensive.
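The three-way challenge-response exchange between reader and card described above, as an added example that is not part of the original text. HMAC-SHA256 as the response function, 16-byte nonces, the role labels and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, role: bytes, *nonces: bytes) -> bytes:
    """Keyed response function. HMAC-SHA256 is an assumption made here; the
    text only says the authentication rests on symmetric encryption."""
    return hmac.new(key, role + b"|" + b"".join(nonces), hashlib.sha256).digest()

def card_reply(key: bytes, r_reader: bytes):
    """Pass 2: the card picks its own challenge and answers the reader's."""
    r_card = secrets.token_bytes(16)
    return r_card, prf(key, b"card", r_reader, r_card)

def reader_reply(key: bytes, r_reader: bytes, r_card: bytes, card_resp: bytes):
    """Pass 3: the reader checks the card, then answers the card's challenge.
    Returns None when the card's response does not verify."""
    expected = prf(key, b"card", r_reader, r_card)
    if not hmac.compare_digest(card_resp, expected):  # constant-time compare
        return None
    return prf(key, b"reader", r_card, r_reader)

def card_verify(key: bytes, r_reader: bytes, r_card: bytes, reader_resp: bytes) -> bool:
    """The card's final check of the reader's response."""
    return hmac.compare_digest(reader_resp, prf(key, b"reader", r_card, r_reader))

def mutual_auth(reader_key: bytes, card_key: bytes) -> bool:
    """One complete run. Every run feeds fresh, publicly visible nonces into
    the same long-term key; this repeated key use is what the text ties to
    DPA/EMA exposure."""
    r_reader = secrets.token_bytes(16)                  # pass 1: reader challenge
    r_card, card_resp = card_reply(card_key, r_reader)
    reader_resp = reader_reply(reader_key, r_reader, r_card, card_resp)
    return reader_resp is not None and card_verify(card_key, r_reader, r_card, reader_resp)

def replay_accepted(key: bytes) -> bool:
    """A card response recorded in one run, replayed against a fresh challenge."""
    old_challenge = secrets.token_bytes(16)
    r_card, recorded = card_reply(key, old_challenge)
    return reader_reply(key, secrets.token_bytes(16), r_card, recorded) is not None

if __name__ == "__main__":
    k = secrets.token_bytes(16)  # constructed sample key
    print(mutual_auth(k, k), mutual_auth(k, secrets.token_bytes(16)), replay_accepted(k))
```

The role labels keep a response computed by one side from being reflected back as the other side's response, and the fresh nonces are what make a recorded response useless in a later run.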